1080500 – Satellite 6 allows import / upload of expired manifest without checking (should show error message and prevent upload)

Bug 1080500 - Satellite 6 allows import / upload of expired manifest without checking (should show error message and prevent upload)

Summary: Satellite 6 allows import / upload of expired manifest without checking (shou...

Keywords:
Status:	CLOSED DEFERRED
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Subscription Management
Sub Component:
Version:	6.0.4
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	Unspecified
Assignee:	Tom McKay
QA Contact:	Katello QA List
Docs Contact:
URL:
Whiteboard:
Depends On:	1297047
Blocks:	GSS_Sat6Beta_Tracker, GSS_Sat6_Tracker
TreeView+	depends on / blocked

Reported:	2014-03-25 14:36 UTC by Pavel Studeník
Modified:	2019-09-26 13:45 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1297047 (view as bug list)
Environment:
Last Closed:	2017-03-22 20:55:10 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
expired manifest (192.79 KB, application/zip) 2014-03-25 14:36 UTC, Pavel Studeník	no flags	Details
Manifest with expired entitlement (64.64 KB, application/zip) 2016-01-22 15:50 UTC, William Poteat	no flags	Details
View All

Description Pavel Studeník 2014-03-25 14:36:57 UTC

Created attachment 878490 [details]
expired manifest

Description of problem:
I upload expired manifest to an organization. And then I try to enable some Red Hat repository. I got internal error 'SecurityViolation'. I investigate what is wrong, but I didn't find information about expiration. Only error in log.


Version-Release number of selected component (if applicable):
katello-1.5.0-18.el6sat.noarch


How reproducible:
Always

Steps to Reproduce:
1. Create expired manifest
2. Upload manifesto to Katello
3. Enable some Red Hat repository

Actual results:
I got error "product Red Hat Enterprise Linux Desktop repositories import: SecurityViolation occurred when contacting CDN to fetch listing files" in log

Expected results:
Show some message about expired manifest

Additional info:

==> /var/log/foreman/production.log <==
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/providers/redhat/_repo_sets.haml (8829.2ms)
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/providers/redhat/_tab.html.haml (12001.0ms)
Completed 200 OK in 13287ms (Views: 11756.6ms | ActiveRecord: 259.4ms)
Processing by Katello::ProductsController#refresh_content as */*
  Parameters: {"content_id"=>"829", "id"=>"47"}
 
product Red Hat Enterprise Linux Desktop repositories import: SecurityViolation occurred when contacting CDN to fetch listing files
/opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/lib/katello/resources/cdn.rb:105:in `rescue in get'
/opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/lib/katello/resources/cdn.rb:79:in `get'

Comment 1 RHEL Program Management 2014-03-25 14:42:56 UTC

Since this issue was entered in Red Hat Bugzilla, the release flag has been
set to ? to ensure that it is properly evaluated for this release.

Comment 6 William Poteat 2016-01-22 15:50:49 UTC

Created attachment 1117271 [details]
Manifest with expired entitlement

This has a single entitlement which expires on Dec 14 2014. It will show the behavior.

Comment 9 Bryan Kearney 2016-08-04 20:16:19 UTC

Moving 6.2 bugs out to sat-backlog.

Comment 10 Bryan Kearney 2017-03-22 20:55:10 UTC

I do not believe this will be addressed in the next few releases, so I am closing this out. If you feel this was incorrect, please feel free to re-open with additional information.

Note You need to log in before you can comment on or make changes to this bug.